Payment Card Industry (PCI) PIN Transaction Security (PTS) Hardware Security Module (HSM) Modular Evaluation Vendor Questionnaire



Date: 28.01.2017


Section B11


#

If the answer to B11 in the PCI HSM Modular Security Requirements was “YES,” describe:

1

The key-management techniques, i.e., fixed key, master key/session key, or unique key per transaction (UKPT), used for PIN protection.

     

2

Whether each key is used for only one cryptographic purpose.

Yes  No 

How is this enforced?

     


3

How keys are protected during key storage against unauthorized disclosure and substitution.

     

4

How key separation is ensured during key storage.

     

5

All cryptographic algorithms implemented by the device.

     

6

Whether the device has the ability to erase cryptographic keys.

Yes  No 



7

What keys may be erased.

     

8

The process used for erasure.

     

9

The circumstances under which keys are erased. Describe for all device states (power-on, power-off, sleep mode).

     

10

Any other data that may be erased along with the cryptographic keys.

     

The circumstances under which such data may be erased.



     

11

The keys that are not erased.

     


12

How all keys present or otherwise used in the device are loaded, including who (e.g., acquirer or manufacturer) generates the keys and whether the keys are loaded encrypted or as plaintext, or as encrypted or plaintext components/secret shares.

     

13

Whether there is a key-distribution technique present that uses an asymmetric algorithm with a public key for the exchange of symmetric secret keys, and address each of the following regarding this key-distribution technique:

  • The technique utilizes a random/pseudo-random key-generation process such that it is not possible to predict any key or determine that certain keys within the key space are significantly more probable than others.

Yes  No  N/A 

  • Is the random source tested in a suitable manner before key generation?

Yes  No 

  • How the authenticity of public keys is ensured.

     

  • Whether there is a certificate hierarchy.

Yes  No 

  • How certificates (signed public keys of the key-exchange partners) are generated—i.e., who signs?

     

  • Whether there is mutual device authentication.

Yes  No 

     

  • Whether there is a secure formatting and padding of the message used containing the symmetric secret key.

Yes  No 

  • Whether the correctness of the message structure is tested by the receiver.

Yes  No 

14

How the authenticity of origin is ensured—e.g., is the signature of the exchange message tested?

     


  • The reaction of the device if an authenticity test fails.

     

  • The effective key length(s) that is/are utilized for all the cryptographic algorithm(s) in question.

     

  • Whether the chosen key length is appropriate for the algorithm and its protection purpose.

Yes  No 

  • For the algorithm(s) used, the key size(s) used as denoted in Appendix D of the DTRs.

     

15

The hashing algorithm(s) that are used.

     


16

The purpose of their usage(s).

     


17

Whether single component keys can be loaded and the algorithm used to encrypt them during key entry.

     

18

All storage and usage locations for each key ever present in or used by the device.

     

19

Each combination of key-exchange technique and key-storage mechanism supported by the device (e.g., ANSI TR-31).

     

20

How keys stored or used by the device are generated.

     


21

Whether the device uses any key-derivation method.

Yes  No 






If “YES,” describe the method.

     


22

Whether any key is calculated as a variant of another key.

Yes  No 






If “YES,” describe how the variant(s) are protected at an equivalent or greater level of security as the original key(s).

     


Comments:

     

